Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[azure] signinlogs - support additional category types #1721

Merged

Commits on Oct 6, 2021

  1. Azure SignInLogs - support additional category types

    Add support and tests for ManagedIdentitySignInLogs, NonInteractiveUserSignInLogs, and ServicePrincipalSignInLogs.
    The pipeline will process any logs that have category of /.*SignInLogs$/. It previously only processed logs that matched
    a category of /^SignInLogs$/.
    
    Changes
    
    - Convert azure field names from camel case to snake case to be consistent with our other fields. Previous this
      was done on field by field basis with rename processors. Now a script processor does it recursively on all fields.
    - Populate user_agent fields.
    - Flatten the key/value objects under azure.signinlogs.properties.authentication_processing_details.
    - Populate event.id with azure.signinlogs.properties.id.
    - Set source.address.
    andrewkroh committed Oct 6, 2021
    Configuration menu
    Copy the full SHA
    f0c3f18 View commit details
    Browse the repository at this point in the history